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Amendment to the Claitns 

The listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims : 

1. (currently amended) A method for generating a control message to be 
transmitted from a first network device to a second network device in a data network, the control 
message relating to an action to be performed at the second network device, the method 
comprising: 

determining a first control message to be generated, wherein the first control message 
corresponds to a security protocol control message; 

identifying reason information relating to at least one reason for generating the first 
control message; and 

generating the first control message, wherein the first control message includes explicit 
reason information relating to the identified at least one reason for generating the control 
message! 

wherein the first control message includes a first pavioad selected from a group 
incliMKnp? a security association pavioad and a delete pavioad: 

wherein the first pavioad includes the reason infivrm atiorL 

2. (currently amended) The method of claim 1 wherein the first control message is 
formatted in accordance with corresponds to an Internet Key Exchange protocol control 
message. 

3. (currently amended) The method of claim 1 wherein the first control message is 
formatted in accordance with corresponds to an IP Security protocol control message. 

4. (currently amended) The method of claim 1 wherein the first control message is 
formatted in accordance with corr e spond!; to an Internet Security Association Key Management 
Protocol control mossngo . 
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5. (original) The method of claim 1 wherein ifae first control message corresponds to a 
control message used for modifying a security association. 

6. (original) The method of claim 1 further comprising transmitting the first control 
message to the second network device to thereby cause the second network device to implement 
an appropriate action in response to the first control message. 

7. (currently amended) A method for communicating between nodes in a data 
network, the method comprising: 

receiving a first control message from a first node, the first control message 
corresponding to a security protocol control message, the first control message including explicit 
reason information relating to at least one reason for the generation of the first control message, 
the first control message including a first navload. the reason information being included in thft 
first payload, t he first payload be in g selected from a group including: a security association 
pavload and a delete pavload : 

identifying the reason information; 

deteraiining an appropriate response to the first control message using at least said reason 
information; and 

implementing said appropriate response. 

8. (currently amended) The method of claim 7 wherein the first control message is 
formatted in accordance with corresponds to an Internet Key Exchange protocol control 
message . 

9. (currently amended) The method of claim 7 wherein the first control message is 
formatted in accordance with corresponds to an IP Security protocol control messag e. 

10. (currently amended) The method of claim 7 wherein the first control message is 
formatted in accordance with corresponds to an Internet Security Association Key Management 
Protocol 

11. (original) The method of claim 7 wherein the first control message corresponds to a 
control message used for modifying a security association. 
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1 2. (original) The method of claim 7 further comprising: 

implementing a first response to the first control message if the reason information 
includes a first reason code; gad 

implementing a second response to the control message if the reason information includes 
a second reason code. 



13. (original) The method of claim 7 wherein the control message relates to an action to 
be performed at a network device receiving the control message. 

14. (currently ameaded) A computer program product for generating a control 
message to be transmitted from a first network device to a second network device in a data 
network, the control message relating to an action to he performed at the second network device, 
the computer program product comprising: 

a computer usable medium having computer readable code embodied therein, the 
computer readable code comprising: 

computer code for determining a first control message to be generated, wherein the first 
control message corresponds to a security protocol control message; 

computer code for identifying reason information relating to at least one reason for 
generating the first control message; and 

computer code for generating the first control message, wherein the first control message 
includes explicit reason information relating to the identified at least one reason for generating 
the control message^ 

wherein the first control message incl udes a first navload selected from a group 
includin g: a security association payload and a delete pavload: 

wherein th e first pavload includes the reason information . 

15. (currently amended) The computer program product of claim 14 is formatted in 
accordance with corresponds * e an Internet Key Exchange protocol eentrol moGsago. 

16. (currently amended) The computer program product of claim 14 wherein the 
first control message is formatted in accordance with corresponds-^ an IP Security protocol 
control message 
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17. (currently amended) The computer program product of claim 14 wherein the 
first control message is formatted in accordant corresponds to an Internet Security 
Association Key Management Protocol control message. 

18. (original) The computer program product of claim 14 wherein the first control 
message corresponds to a control message used for modifying a security association. 

19. (currently amended) A computer program product for communicating between 
nodes in a data network, the computer program product comprising: 

a computer usable medium having computer readable code embodied therein, the 
computer readable code comprising: 

computer code for receiving a first control message from a first node, the first control 
message corresponding to a security protocol control message, the first control message 
including explicit reason information relating to at least one reason for the generation of the first 
control message, the first control message incl uding a first pavload. the first pavload including 
the reason information, the first p avload being selected from a group including: a security 
association pavload and a delete pay lna/T; 

computer code for identifying the reason information; 

computer code for deter mining an appropriate response to the first control message using 
at least said reason information; and 

computer code for implementing said appropriate response. 

20. (currently amended) The computer program product of claim 19 wherein the 
first control message is formatted in accordan ce with corresponds to an Internet Key Exchange 
protocol control mosoago . 

21. (currently amended) The computer program product of claim 19 wherein the 
first control message is formatted in accordan ce with corr e sp on ds to an IP Security protocol 
control message . 

22. (currently amended) The computer program product of claim 19 wherein the 
first control message i« formntt^ in accordant with eerrocponda to an Internet Security 
Association Key Management Protocol control mosoago. 
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23. (original) The computer program product of claim 19 wherein the first control 
message corresponds to a control message used for modifying a security association, 

24. (original) The computer program product of claim 19 further comprising: 
computer code for implementing a first response to the first control message if the reason 

information includes a first reason code; and 

computer code for implementing a second response to the control message if the reason 
information includes a second reason code. 

25. (original) The computer program product of claim 19 wherein the control message 
relates to an action to be performed at a network device receiving the control message. 

26. (currently amended) A system for communicating between nodes in a data 
network, the system comprising: 

means for receiving a first control message from a first node, the first control message 
corresponding to a security protocol control message, the first control message including explicit 
reason information relating to at least one reason for the generation of the first control message; 

means for identifying the reason information; 

means for determining an appropriate response to the first control message using at least 
said reason information; and 

means for implementing said appropriate response^ 

wherein the first contr ol message includes a first pavload selected from a group 
including: a security association pavload and a delete pavload; 

wherein the first pavl oad includes the reasnn inform ation . 

27. (currently amended) The system of claim 26 wherein the first control message is 
formatted in accordfmce with corresponds to an Internet Key Exchange protocol control 
message. 

28. (currently amended) The system of claim 26 wherein the first control message is 
formatted in accordance with corresponds 4e an IP Security protocol control message. 
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29. (currently amended) The system of claim 26 wherein the first control message is 
formatted in accordance with c orresponds t u an Internet Security Association Key Management 
Protocol control message. 

30. (original) The system of claim 26 wherein the first control message corresponds to a 
control message used for modifying a security association. 

31. (original) The system of claim 26 further comprising means for transmitting the first 
control message to the second network device to thereby cause the second network device to 
implement an appropriate action in response to the first control message. 

32. (original) The system of claim 26 further comprising: 

means for implementing a first response to the first control message if the reason 
information includes a first reason code; and 

means for implementing a second response to the control message if the reason 
information includes a second reason code, 

33. (original) The system of claim 26 wherein the control message relates to an action to 
be performed at a network device receiving the control message. 

34. (currently amended) A system for generating a control message to be 
transmitted to a network device in a data network, the control message relating to an action to be 
performed at the network device, the system comprising: 

at least one CPU; 
memory; and 

at least one interface for communicating with the network device; 

the system being configured or designed to determine a first control message to be 
generated, wherein the first control message corresponds to a security protocol control message; 

the system being further configured or designed to identify reason information relating to 
at least one reason for generating the first control message; and 

the system being further configured or designed to generate the first control message, 
wherein the first control message includes explicit reason information relating to the identified at 
least one reason for generating the control message^ 
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w herein the first control mess age inclu de s a first riavl^H elected from a o ^» r 
including: a securit y association pavload and a delete pavload; 

wherein the first pavloa d includes the reason information. 

35. (currently amended) The system of claim 34 wherein the first control message is 
formatted in accordance with corresponds to an Internet Key Exchange protocol control 
message 

36. (currently amended) The system of claim 34 wherein the first control message is 
formatted hi, accordance with corrospondc to an IP Security protocol control message, 

37. (currently amended) The system of claim 34 wherein the first control message is 
for matted in accordance with corresponds to an Internet Security Association Key Management 
Protocol control m e ssag o. 

38. (original) The system of claim 34 wherein the first control message corresponds to a 
control message used for modifying a security association. 

39. (original) The system of claim 34 being further configured or designed to transmit 
the first control message to a second network device to thereby cause the second network device 
to implement an appropriate action in response to the first control message. 

40. (currently amended) A system for communicating between nodes in a data 
network, die system comprising: 

at least one CPU; 

memory; and 

at least one interface for communicating with at least one network device^]; wfacroin the 
first control messag e corresponds to a security protocol control me ssage? 

the system being configured or designed to receive a first control message from a first 
node,_the first control message correspondin g to a security protocol control message, t he first 
control message including explicit reason information relating to at least one reason for the 
generation of the first control messag e, the first control message including a first pavload, the 
first pa v l oad including the reason information- the first p a yload being selected from a group 
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including: a security association payl oad and a d^ete pavload. wh^rin the first n«vTn,rt i™^- 
the reason information: 

the system being further configured or designed to identify the reason information; 
the system being further configured or designed to determine an appropriate response to 
the first control message using at least said reason information; and 

the system being further configured or designed to implement said appropriate response. 

41. (currently amended) The system of claim 40 wherein the first control message is 
formatted in accordance with coiroopondo to an Internet Key Exchange protocol control 
moGoagc. 

42. (currently amended) The system of claim 40 wherein the first control message is 
formatted in accordance with c orresponds to an IP Security protocol control raossago. 

43. (currently amended) The system of claim 40 wherein the first control message is 
formatted in accordance with corresponds to an Internet Security Association Key Management 
Protocol control message . 

44. (original) The system of claim 40 wherein the first control message corresponds to a 
control message used for modifying a security association. 

45 . (original) The system of claim 40 further comprising: 

the system being further configured or designed to implement a first response to the first ^fl 
control message if the reason information includes a first reason code; and CO 

the system being further configured or designed to implement a second response to the 
control message if the reason information includes a second reason code. ^ 

46. (new) The method of claim 1 : jjj 
wherein the security association payload is adapted to facilitate negotiation of a security \j\ 

association between a first network node and a second network node; and ^ 
wherein the delete payload is adapted to facilitate deletion of a security association O 
associated with a first network node and a second network node. *3 
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47. (new) The method of claim 7: 

wherein the security association payload is adapted to facilitate negotiation of a security 
association between a first network node and a second network node; and 

wherem the delete payload is adapted to facilitate deletion of a security association 
associated with a first network node and a second network node. 

48. (new) The computer program product of claim 14: 

wherein the security association payload is adapted to facilitate negotiation of a security 
association between a first network node and a second network node; and 

wherein the delete payload is adapted to facilitate deletion of a security association 
associated with a first network node and a second network node. 

49. (new) The computer program product of claim 1 9: 

wherem the security association payload is adapted to facilitate negotiation of a security 
association between a first network node and a second network node; and 

wherein the delete payload is adapted to facilitate deletion of a security association 
associated with a first network node and a second network node, 

50. (new) The system of claim 26: 

wherein the security association payload is adapted to facilitate negotiation of a security 
association between a first network node and a second network node; and 

wherein the delete payload is adapted to facilitate deletion' of a security association 
associated with a first network node and a second network node. 

51. (new) The system of claim 34: 

wherein the security association payload is adapted to fecilitate negotiation of a security 
association between a first network node and a second network node; and 

wherein the delete payload is adapted to facilitate deletion of a security association 
associated with a first network node and a second network node. 

52. (new) The system of claim 40: 

wherein the security association payload is adapted to facilitate negotiation of a security 
association between a first network node and a second network node; and 
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wherem the delete payload is adapted to facilitate deletion of a security association 
associated with a first network node and a second network node. 
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